This is an automated email from the ASF dual-hosted git repository. rfscholte pushed a commit to branch MRELEASE-1037 in repository https://gitbox.apache.org/repos/asf/maven-release.git
commit 63f478bc4b8d4e6fdebfa9a469348385b25e4f8a Author: rfscholte <[email protected]> AuthorDate: Sun Mar 29 16:25:26 2020 +0200 [MRELEASE-1037] Authentication failed on perform git-clone with 3.0.0-M1 --- .../config/PropertiesReleaseDescriptorStore.java | 48 ++++++++++++++++++-- .../PropertiesReleaseDescriptorStoreTest.java | 51 ++++++++++++++++++++-- 2 files changed, 91 insertions(+), 8 deletions(-) diff --git a/maven-release-manager/src/main/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStore.java b/maven-release-manager/src/main/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStore.java index 9937104..a7506b8 100644 --- a/maven-release-manager/src/main/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStore.java +++ b/maven-release-manager/src/main/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStore.java @@ -93,6 +93,15 @@ public class PropertiesReleaseDescriptorStore throw new ReleaseDescriptorStoreException( "Error reading properties file '" + file.getName() + "': " + e.getMessage(), e ); } + + try + { + decryptProperties( properties ); + } + catch ( IllegalStateException | SecDispatcherException | PlexusCipherException e ) + { + getLogger().debug( e.getMessage() ); + } ReleaseDescriptorBuilder builder; if ( mergeDescriptor != null ) @@ -350,11 +359,44 @@ public class PropertiesReleaseDescriptorStore { return new File( mergeDescriptor.getWorkingDirectory(), "release.properties" ); } + + private void decryptProperties( Properties properties ) + throws IllegalStateException, SecDispatcherException, PlexusCipherException + { + String[] keys = new String[] { "scm.password", "scm.passphrase" }; + + for ( String key : keys ) + { + String value = properties.getProperty( key ); + if ( value != null ) + { + properties.put( key, decrypt( value ) ); + } + } + } // From org.apache.maven.cli.MavenCli.encryption(CliRequest) private String encryptAndDecorate( String passwd ) throws IllegalStateException, SecDispatcherException, PlexusCipherException { + final String master = getMaster(); + + DefaultPlexusCipher cipher = new DefaultPlexusCipher(); + String masterPasswd = cipher.decryptDecorated( master, DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION ); + return cipher.encryptAndDecorate( passwd, masterPasswd ); + } + + private String decrypt( String value ) throws IllegalStateException, SecDispatcherException, PlexusCipherException + { + final String master = getMaster(); + + DefaultPlexusCipher cipher = new DefaultPlexusCipher(); + String masterPasswd = cipher.decryptDecorated( master, DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION ); + return cipher.decryptDecorated( value, masterPasswd ); + } + + private String getMaster() throws SecDispatcherException + { String configurationFile = secDispatcher.getConfigurationFile(); if ( configurationFile.startsWith( "~" ) ) @@ -376,10 +418,8 @@ public class PropertiesReleaseDescriptorStore { throw new IllegalStateException( "Master password is not set in the setting security file: " + file ); } - - DefaultPlexusCipher cipher = new DefaultPlexusCipher(); - String masterPasswd = cipher.decryptDecorated( master, DefaultSecDispatcher.SYSTEM_PROPERTY_SEC_LOCATION ); - return cipher.encryptAndDecorate( passwd, masterPasswd ); + + return master; } } diff --git a/maven-release-manager/src/test/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStoreTest.java b/maven-release-manager/src/test/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStoreTest.java index 5347e29..e563fab 100644 --- a/maven-release-manager/src/test/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStoreTest.java +++ b/maven-release-manager/src/test/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStoreTest.java @@ -1,5 +1,13 @@ package org.apache.maven.shared.release.config; +import static org.junit.Assert.assertNotEquals; + +import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.util.Properties; + import org.apache.maven.shared.release.config.ReleaseDescriptorBuilder.BuilderReleaseDescriptor; /* @@ -26,9 +34,6 @@ import org.apache.maven.shared.release.scm.IdentifiedScm; import org.codehaus.plexus.PlexusTestCase; import org.sonatype.plexus.components.sec.dispatcher.SecDispatcher; -import java.io.File; -import java.io.IOException; - /** * Test the properties store. * @@ -248,7 +253,7 @@ public class PropertiesReleaseDescriptorStoreTest assertEquals( "compare configuration", config.build(), rereadDescriptor ); } - + public void testDeleteFile() throws ReleaseDescriptorStoreException, IOException { @@ -280,6 +285,44 @@ public class PropertiesReleaseDescriptorStoreTest assertFalse( "Check file already exists", file.exists() ); } + + public void testWriteEncryptedProperties() + throws Exception + { + final String scmPassword = "s3cr3t_SCMPASSWORD"; + final String scmPassPhrase = "s3cr3t_SCMPASSPHRASE"; + + ReleaseDescriptorBuilder config = new ReleaseDescriptorBuilder(); + config.setCompletedPhase( "completed-phase-write" ); + config.setScmSourceUrl( "url-write" ); + + config.setScmPassword( scmPassword ); + config.setScmPrivateKeyPassPhrase( scmPassPhrase ); + + File file = getTestFile( "target/test-classes/encrypt/release.properties" ); + file.getParentFile().mkdirs(); + + store.write( config.build(), file ); + + Properties persistedProperties = new Properties(); + try ( InputStream is = new FileInputStream( file ) ) + { + persistedProperties.load( is ); + } + + String persistedPassword = persistedProperties.getProperty( "scm.password" ); + assertNotNull( persistedPassword ); + assertNotEquals( scmPassword, persistedPassword ); + + String persistedPassPhrase = persistedProperties.getProperty( "scm.passphrase" ); + assertNotNull( persistedPassPhrase ); + assertNotEquals( scmPassPhrase, persistedPassPhrase ); + + ReleaseDescriptorBuilder builder = store.read( file ); + BuilderReleaseDescriptor descriptor = builder.build(); + assertEquals( scmPassword, descriptor.getScmPassword() ); + assertEquals( scmPassPhrase, descriptor.getScmPrivateKeyPassPhrase() ); + } private ReleaseDescriptorBuilder createReleaseConfigurationForWriting() {
